Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/3pWxUE9dXu-9-x5TXfUP9nas-zM.roa
File: 3pWxUE9dXu-9-x5TXfUP9nas-zM.roa (raw, json)
Hash identifier: ETnOX6LnDYILxEmBgDhSEn47jH8VDXCUMXic14zbvLo=
Subject key identifier: DE:95:B1:50:4F:5D:5E:EF:BD:FB:1E:53:5D:F5:0F:F6:76:AC:FB:33
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 30E48ACE
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/3pWxUE9dXu-9-x5TXfUP9nas-zM.roa
Signing time: Fri 08 Apr 2022 06:11:16 +0000
ROA not before: Fri 08 Apr 2022 06:11:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12615
IP address blocks: 109.160.118.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 820284110 (0x30e48ace)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Apr 8 06:11:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de95b1504f5d5eefbdfb1e535df50ff676acfb33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:2b:8b:ed:9d:99:40:a9:b4:44:1b:b9:8d:05:
1a:5a:d2:40:3a:36:79:95:ca:b4:5c:e8:f0:6c:8d:
af:ee:a9:10:6e:4b:16:6c:6b:8e:e7:44:0e:62:4d:
38:e8:de:6a:1a:06:94:ed:e1:b6:bd:9b:9f:c0:3e:
04:8b:67:ed:76:5b:0e:44:d7:8f:9d:63:5d:2a:13:
6c:ee:9e:12:bf:a5:66:43:37:61:0a:d3:c3:d9:77:
c1:7a:b8:13:82:ef:63:b0:4b:97:d5:84:d9:67:0b:
fe:19:0a:01:05:aa:8f:b9:d7:7d:a0:47:ee:f5:3f:
69:6e:5a:00:47:d9:fc:46:86:47:19:1a:09:3c:21:
21:31:a1:f8:bb:a3:1a:a8:22:ad:62:0c:d6:09:a3:
8e:6d:a6:88:e3:6c:2e:5e:77:4d:b3:42:5f:02:93:
f1:1f:66:a8:7c:b2:06:5e:db:0d:03:07:f8:55:8f:
f5:63:a3:c4:6c:a7:03:c0:44:fb:c8:61:07:c5:ef:
df:70:5e:88:39:6a:99:b1:1d:fa:54:ce:1d:fd:26:
d6:5c:64:3d:59:bb:52:d3:2c:19:2b:73:ac:e8:0c:
5e:a3:f8:e1:99:47:f0:80:4b:3d:af:25:92:e4:30:
91:32:e0:ba:07:96:0a:14:75:91:4d:12:3e:cf:bf:
4a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:95:B1:50:4F:5D:5E:EF:BD:FB:1E:53:5D:F5:0F:F6:76:AC:FB:33
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/3pWxUE9dXu-9-x5TXfUP9nas-zM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.118.0/24
Signature Algorithm: sha256WithRSAEncryption
60:74:bb:31:9b:16:6f:47:c5:84:75:f7:b1:90:df:ee:79:e6:
ab:99:a5:fa:e2:c2:18:1f:cf:5a:e6:89:4f:46:5c:b6:06:dc:
79:a3:3b:85:7f:25:94:d0:cb:ff:67:64:e1:c1:2d:b9:c2:a8:
57:24:3d:13:cf:31:de:81:15:79:42:b9:fd:b2:c0:22:fd:f9:
d3:62:93:c1:4d:ef:2d:de:d8:99:d0:1b:7e:b9:bd:4a:a9:8a:
a7:a0:ec:d1:7c:9f:ba:51:ba:ff:3a:a2:ad:9e:ae:66:bc:80:
4d:14:3b:aa:89:cb:bd:3c:2d:cd:86:82:71:15:92:8c:54:66:
6a:84:a9:f6:5f:f9:09:2c:fe:fe:73:4c:5b:8b:6e:05:f5:2b:
e4:c7:d7:4e:bb:b7:8f:2a:42:e2:73:a2:f7:f5:01:90:88:02:
47:04:0c:86:20:b9:aa:12:c1:b8:29:83:1c:5a:26:57:b9:22:
ad:bf:e2:c8:b9:a2:48:1b:78:e5:29:23:a7:91:ee:26:21:33:
14:29:7f:c3:70:6e:79:9e:5a:fa:04:e9:ad:ed:ed:3f:30:b8:
60:af:92:bf:4a:61:19:f9:25:b1:97:3d:b0:fe:2d:31:35:f0:
b5:8d:08:d4:88:3e:92:2f:5a:3c:cd:4a:88:d6:46:43:b0:c5:
d5:88:e6:89
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEMOSKzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjJhOGMxZDMxMTg5NTAxNjEwOGZmYmQxNDU3NWM3N2NjMjg3NzNhMB4XDTIyMDQw
ODA2MTExNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGU5NWIxNTA0ZjVk
NWVlZmJkZmIxZTUzNWRmNTBmZjY3NmFjZmIzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOAri+2dmUCptEQbuY0FGlrSQDo2eZXKtFzo8GyNr+6pEG5L
FmxrjudEDmJNOOjeahoGlO3htr2bn8A+BItn7XZbDkTXj51jXSoTbO6eEr+lZkM3
YQrTw9l3wXq4E4LvY7BLl9WE2WcL/hkKAQWqj7nXfaBH7vU/aW5aAEfZ/EaGRxka
CTwhITGh+LujGqgirWIM1gmjjm2miONsLl53TbNCXwKT8R9mqHyyBl7bDQMH+FWP
9WOjxGynA8BE+8hhB8Xv33BeiDlqmbEd+lTOHf0m1lxkPVm7UtMsGStzrOgMXqP4
4ZlH8IBLPa8lkuQwkTLgugeWChR1kU0SPs+/SiUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTelbFQT11e7737HlNd9Q/2dqz7MzAfBgNVHSMEGDAWgBRyKowdMRiVAWEI
/70UV1x3zCh3OjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NpcU1IVEVZbFFGaENQLTlGRmRjZDh3b2R6by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvYjFmNmVlLWM0ZWYtNDM1NS1hZjM2LWE1NThlZTY1NDMxZi8x
LzNwV3hVRTlkWHUtOS14NVRYZlVQOW5hcy16TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
YjFmNmVlLWM0ZWYtNDM1NS1hZjM2LWE1NThlZTY1NDMxZi8xL2NpcU1IVEVZbFFG
aENQLTlGRmRjZDh3b2R6by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG2gdjANBgkqhkiG9w0BAQsFAAOC
AQEAYHS7MZsWb0fFhHX3sZDf7nnmq5ml+uLCGB/PWuaJT0ZctgbceaM7hX8llNDL
/2dk4cEtucKoVyQ9E88x3oEVeUK5/bLAIv3502KTwU3vLd7YmdAbfrm9SqmKp6Ds
0XyfulG6/zqirZ6uZryATRQ7qonLvTwtzYaCcRWSjFRmaoSp9l/5CSz+/nNMW4tu
BfUr5MfXTru3jypC4nOi9/UBkIgCRwQMhiC5qhLBuCmDHFomV7kirb/iyLmiSBt4
5Skjp5HuJiEzFCl/w3BueZ5a+gTpre3tPzC4YK+Sv0phGfklsZc9sP4tMTXwtY0I
1Ig+ki9aPM1KiNZGQ7DF1YjmiQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:40 2023 by rpki-client on console-fra.rpki-client.org